package cn.formaggie.controller;

import cn.formaggie.entity.model.roleandpermission.Worker;
import cn.formaggie.service.face.WorkerService;
import cn.formaggie.util.CryptographyUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;

import javax.annotation.Resource;
import javax.servlet.http.HttpSession;

@Controller
@RequestMapping("/worker")
public class WorkerController extends BaseController{

    @Resource
    private WorkerService workerService;

    @RequestMapping("/login")
    public String login(Worker worker, HttpSession session){
        Subject subject= SecurityUtils.getSubject();
        UsernamePasswordToken token=new UsernamePasswordToken(worker.getWorkerId(), CryptographyUtil.MD5(worker.getPassword(),worker.getWorkerId()));
        try {
            subject.login(token);
            subject.getSession().setTimeout(1000*60*60*4);
            session.setAttribute("worker",workerService.getWorkerByWorkerId(worker.getWorkerId()));
            return "redirect:/back/manage";
        } catch (AuthenticationException e) {
            session.setAttribute("worker",worker);
            session.setAttribute("errorMsg","用户名或密码错误");
            return "redirect:/login.jsp";
        }
    }

    @RequestMapping("/logout")
    public String logout(){
        SecurityUtils.getSubject().logout();
        return "redirect:/login.jsp";
    }

    @RequiresAuthentication
    @RequestMapping("/workerInfo")
    public String workerInfo(HttpSession session){
        return "/backpage/worker/workerInfo";
    }

    @RequiresAuthentication
    @RequestMapping("/modifyInfo")
    public ModelAndView modifyInfo(Worker worker,HttpSession session){
        ModelAndView mav=new ModelAndView();
        Boolean modifyState=workerService.modifyWorkerInfo(worker,session);
        if(modifyState){
            session.setAttribute("worker",workerService.getWorkerByWorkerId(worker.getWorkerId()));
            mav.addObject(STATE_MSG,"修改成功");
        }else{
            mav.addObject(STATE_MSG,"修改失败");
        }
        mav.setViewName("/backpage/middleRedirect");
        return mav;
    }

    @RequiresAuthentication
    @RequestMapping("/modifyPassword/{workerId}")
    public ModelAndView modifyPassword(@PathVariable String workerId, HttpSession session){
        Worker worker= (Worker) session.getAttribute("worker");
        ModelAndView mav=new ModelAndView();
        if(worker!=null&&worker.getWorkerId().equals(workerId)){

        }else{
            mav.addObject(STATE_MSG,"你的登录信息有误！");
        }
        mav.setViewName("/backpage/worker/modifyPassword");
        return mav;
    }

    @RequiresAuthentication
    @RequestMapping(value ="/modifyPassword",method = RequestMethod.POST)
    public ModelAndView modifyPassword(String workerId,String oldPassword,String password,HttpSession session){
        ModelAndView mav=new ModelAndView();
        Worker worker= (Worker) session.getAttribute("worker");
        if(worker!=null&&worker.getPassword().equals(CryptographyUtil.MD5(oldPassword,workerId))){
            if (workerService.modifyWorkerPsw(workerId,CryptographyUtil.MD5(password,workerId))) {
                mav.addObject(STATE_MSG, "修改密码成功");
                session.setAttribute("worker",workerService.getWorkerByWorkerId(workerId));
            } else {
                mav.addObject(STATE_MSG, "修改失败，如需帮助，联系管理员");
            }
            mav.setViewName("/backpage/middleRedirect");
        }else{
            mav.addObject(STATE_MSG,"你的旧密码不正确");
            mav.setViewName("/backpage/worker/modifyPassword");
        }
        return mav;
    }



}
